Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f4a66bb-3bbf-4f2d-81a1-89005f1bb7bd.roa
File: 5f4a66bb-3bbf-4f2d-81a1-89005f1bb7bd.roa (raw, json)
Hash identifier: wW2Ogfn2hd3ZYXSiAj0gn+XMMzpX4+FD8SIvO1o6f50=
Subject key identifier: A0:26:09:A8:41:F2:59:B2:D6:A9:91:5E:C2:49:FF:D8:CB:35:DB:3A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 420615FEEE18461A51BD2A241B59846FCF28E275
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f4a66bb-3bbf-4f2d-81a1-89005f1bb7bd.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:1020::/43 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:06:15:fe:ee:18:46:1a:51:bd:2a:24:1b:59:84:6f:cf:28:e2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:60:90:29:ae:f4:fa:58:54:23:6e:eb:e1:1a:
20:ef:46:46:b4:c5:55:f5:c2:0c:b7:4b:8b:46:1e:
82:b2:28:31:00:3f:cf:32:02:61:20:ba:b8:d1:79:
93:46:4a:3d:d9:3b:ed:ee:c7:14:1a:bd:5b:00:9b:
2f:53:c0:b5:82:2a:c0:b9:43:2a:db:7f:35:4f:f8:
2b:f3:0b:6c:75:db:4a:8b:1b:0f:fd:ca:bd:b1:19:
4b:41:13:07:07:72:b9:1d:cc:0a:35:37:4e:fb:95:
6e:bd:54:97:3e:61:a6:a9:90:e6:29:65:cf:ef:11:
20:82:6c:ee:5c:eb:c9:3e:16:86:e7:4c:00:69:8e:
b2:8e:1d:73:e6:37:5a:c4:13:74:3b:ef:3e:0a:12:
74:4d:a1:26:06:d3:8f:e3:ff:7a:51:2b:b5:4c:a5:
e8:62:fc:79:46:43:e7:7b:4e:f0:12:2a:b7:8f:0c:
6d:e4:02:e4:82:bd:52:8f:42:8a:8d:16:09:c0:46:
ac:b4:8d:72:16:43:a1:44:6b:a8:5a:1c:84:29:6a:
aa:1e:43:99:bb:2a:a8:10:d5:c3:0b:4e:28:7a:84:
2a:2e:88:66:3f:67:6f:6d:cc:86:d9:a0:8d:ae:34:
00:2d:f4:38:ea:c3:73:5d:f9:69:b8:28:2e:c6:83:
3b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:26:09:A8:41:F2:59:B2:D6:A9:91:5E:C2:49:FF:D8:CB:35:DB:3A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f4a66bb-3bbf-4f2d-81a1-89005f1bb7bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1020::/43
Signature Algorithm: sha256WithRSAEncryption
3d:40:b6:c4:6a:0f:b8:96:55:a2:92:6c:cb:31:8f:32:09:99:
09:75:8e:bf:a0:a4:fa:fd:5b:ce:9c:51:a6:6a:bc:84:23:72:
1d:bc:c2:66:35:47:01:2a:6a:47:bf:58:b8:39:1c:0a:c7:8b:
0d:20:54:c1:29:4b:71:8d:20:2e:9d:5f:54:64:b8:50:4d:8b:
2d:a6:19:fc:68:c1:8b:31:8d:7b:27:4e:c8:31:c8:f7:62:0e:
dd:cb:76:b6:89:bf:1b:c0:5a:82:9c:f9:d3:8b:f6:1d:1a:0d:
b0:da:ed:40:58:c8:72:54:1e:3c:a5:4d:e2:4f:4c:9b:24:7d:
7a:37:45:58:17:d7:67:92:8e:02:3c:49:c9:99:9c:5a:cd:7e:
53:a6:a9:99:67:ba:6a:dc:7f:3a:b3:f7:31:6b:d8:61:8f:b7:
bc:e4:39:34:8b:67:56:30:09:10:49:86:db:96:19:ca:c0:cc:
bb:1d:85:61:0d:8d:a8:82:76:10:53:7a:bc:c4:97:aa:4f:76:
ab:1e:bf:69:96:f9:a9:aa:90:7e:d1:1a:de:33:e5:d0:1f:82:
b2:73:8b:c1:fb:5e:5e:5b:38:fa:64:1d:95:2a:29:fc:a8:2d:
b8:de:d2:c9:bd:81:6d:10:a8:70:9a:57:82:73:ad:a9:ac:d5:
17:c6:f0:98
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQgYV/u4YRhpRvSokG1mEb88o4nUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyZjQ1NjVmZWZlNmEzMDY3NjVhNTMyYWE5MWJjYWQ3NjdkN2I3MzJiOWFh
ODM3MGE1NzQyNmRmMzJiMGNiMDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtgkCmu9PpYVCNu6+EaIO9GRrTFVfXCDLdLi0YegrIoMQA/zzICYSC6uNF5
k0ZKPdk77e7HFBq9WwCbL1PAtYIqwLlDKtt/NU/4K/MLbHXbSosbD/3KvbEZS0ET
BwdyuR3MCjU3TvuVbr1Ulz5hpqmQ5illz+8RIIJs7lzryT4WhudMAGmOso4dc+Y3
WsQTdDvvPgoSdE2hJgbTj+P/elErtUyl6GL8eUZD53tO8BIqt48MbeQC5IK9Uo9C
io0WCcBGrLSNchZDoURrqFochClqqh5DmbsqqBDVwwtOKHqEKi6IZj9nb23Mhtmg
ja40AC30OOrDc135abgoLsaDO08CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSgJgmo
QfJZstapkV7CSf/YyzXbOjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWY0YTY2YmItM2JiZi00ZjJkLTgxYTEtODkwMDVmMWJiN2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBSoBBXgQ
IDANBgkqhkiG9w0BAQsFAAOCAQEAPUC2xGoPuJZVopJsyzGPMgmZCXWOv6Ck+v1b
zpxRpmq8hCNyHbzCZjVHASpqR79YuDkcCseLDSBUwSlLcY0gLp1fVGS4UE2LLaYZ
/GjBizGNeydOyDHI92IO3ct2tom/G8Bagpz504v2HRoNsNrtQFjIclQePKVN4k9M
myR9ejdFWBfXZ5KOAjxJyZmcWs1+U6apmWe6atx/OrP3MWvYYY+3vOQ5NItnVjAJ
EEmG25YZysDMux2FYQ2NqIJ2EFN6vMSXqk92qx6/aZb5qaqQftEa3jPl0B+CsnOL
wfteXls4+mQdlSop/KgtuN7Syb2BbRCocJpXgnOtqazVF8bwmA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:48:58 2025 by rpki-client